70-rcvbuf-size.patch 1.1 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33
Index: src/racoon/isakmp.c
===================================================================
RCS file: /cvsroot/src/crypto/dist/ipsec-tools/src/racoon/isakmp.c,v
retrieving revision 1.60
diff -u -r1.60 isakmp.c
--- a/src/racoon/isakmp.c	3 Sep 2009 09:29:07 -0000	1.60
+++ b/src/racoon/isakmp.c	20 Aug 2010 11:59:20 -0000
@@ -1579,6 +1579,7 @@
 #ifdef ENABLE_NATT
 	int option = -1;
 #endif
+        int rcvSize = 16384;
 
 	/* warn if wildcard address - should we forbid this? */
 	switch (addr->sa_family) {
@@ -1706,6 +1707,17 @@
 		goto err;
 	}
 
+	/* set receive buffer size - shouldn't be too large otherwise
+	 * we can acommodate too long backbuffer of packets and not
+	 * able to handle any packets in real time */
+	if (setsockopt(fd, SOL_SOCKET, SO_RCVBUF,
+	                (void*) &rcvSize, sizeof(rcvSize)) < 0) {
+                plog(LLV_ERROR, LOCATION, NULL,
+                     "failed to set SO_RCVBUF size (%s).\n",
+                     strerror(errno));
+                /* soft-error, continue even if this failed */
+        }
+
 	if (setsockopt_bypass(fd, addr->sa_family) < 0)
 		goto err;